3

I'm working on Centos7. I have a Docker container which is running Jenkins. In that Jenkins-container I have to build and run other Docker containers. But Jenkins doesn't know docker. I'm able to execute a shell and install docker inside the container. But isn't it possible to let the container use my docker-engine on the host? How can I use it?

What is the best option to install Docker inside a Jenkins-(docker)-container?

2 Answers2

1

Generally, a container-in-container setup involves linking /var/run/docker.sock and docker itself.
For example, in this thread:

docker run --name jenkins --privileged=true -t -i --rm -v /var/run/docker.sock:/var/run/docker.sock -v $(which docker):/bin/docker -p 8080:8080 jenkins

This is not exactly your case, since you don't need to run Jenkins itself in a "cic" (container in container").
But that illustrates how you would run any container in a container, with docker available in it.

Make sure the user in that container is part of the docker group (if you don't want to use root), as in this jenkins/setup-docker-and-start-jenkins.sh script

#!/bin/sh
set -e

JUSER="jenkins"

DOCKER_GID=$(ls -aln /var/run/docker.sock  | awk '{print $4}')

if ! getent group $DOCKER_GID; then
    echo creating docker group $DOCKER_GID
    addgroup --gid $DOCKER_GID docker
fi

if ! getent group $GID; then
    echo creating $JUSER group $GID
    addgroup --gid $GID $JUSER
fi

if ! getent passwd $JUSER; then
    echo useradd -N --gid $GID -u $UID $JUSER
    useradd -N --gid $GID -u $UID $JUSER
fi

DOCKER_GROUP=$(ls -al /var/run/docker.sock  | awk '{print $4}')
if ! id -nG "$JUSER" | grep -qw "$DOCKER_GROUP"; then
    adduser $JUSER $DOCKER_GROUP
fi

chown -R $JUSER:$JUSER /var/jenkins_home/

Note that this setup uses tini to launch Jenkins (as I described in "Jenkins does not run automatically after install in Docker container")

exec su $JUSER -c "/bin/tini -- /usr/local/bin/jenkins.sh"

Again, those scripts are for using Jenkins in "cic".
In your case, you can use those scripts for the containers that your Jenkins will have to run.

Community
  • 1
  • 1
VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
1

Using the official Jenkins docker image: 

docker run -d \
    -u root \
    -v /var/run/docker.sock:/var/run/docker.sock \
    -v $(which docker):/usr/bin/docker:ro \
    -p 8080:8080 \
    --name jenkins \
    jenkins

Then to verify everything is working:

  • create a new job
  • add a shell script as a build step with docker version as content

If you run into the following error on CentOS 7:

docker: error while loading shared libraries: libsystemd-journal.so.0: cannot open shared object file: No such file or directory

then start the container with:

docker run -d \
    -u root \
    -v /var/run/docker.sock:/var/run/docker.sock \
    -v $(which docker):/usr/bin/docker:ro \
    -v /usr/lib64/libsystemd-journal.so.0:/usr/lib/x86_64-linux-gnu/libsystemd-journal.so.0 \
    -v /usr/lib64/libsystemd-id128.so.0:/usr/lib/x86_64-linux-gnu/libsystemd-id128.so.0 \
    -v /usr/lib64/libdevmapper.so.1.02:/usr/lib/x86_64-linux-gnu/libdevmapper.so.1.02 \
    -v /usr/lib64/libgcrypt.so.11:/usr/lib/x86_64-linux-gnu/libgcrypt.so.11 \
    -v /usr/lib64/libdw.so.1:/usr/lib/x86_64-linux-gnu/libdw.so.1 \
    -p 8080:8080 \
    --name jenkins \
    jenkins
Thomasleveil
  • 95,867
  • 15
  • 119
  • 113
  • 1
    Executing a docker command gave me: docker: error while loading shared libraries: libsystemd-journal.so.0: cannot open shared object file: No such file or directory –  Jan 11 '16 at 13:32
  • @Jenson I was able to figure this out, answer updated for CentOS 7 specificities. – Thomasleveil Jan 11 '16 at 14:28
  • Thanks, also correct. Only it seems not that good to use root and not the jenkinsuser to talk with docker, isn't it? –  Jan 11 '16 at 14:33
  • it all depends if you want to expose this Jenkins on the Internet or if you control the network on which it will be deployed. Otherwise, remove `-u root` but then in your Jenkins jobs, use `sudo docker version` instead of just calling `docker version`. See https://github.com/thomasleveil/docker-jenkins-dsl-ready#using-docker-within-jobs for differents ways to share docker from a host to a container – Thomasleveil Jan 11 '16 at 14:40
  • But I would refrain myself from exposing any docker container on the Internet if that container shares the `/var/run/docker.sock` socket with the docker host. – Thomasleveil Jan 11 '16 at 14:42
  • I got this error using 1st and 2nd command "docker: error while loading shared libraries: libltdl.so.7: cannot open shared object file: No such file or directory" – Nicolas S.Xu Jun 08 '17 at 15:43